Infesting up a Virtual Machine!

Discussion in 'sandboxing & virtualization' started by WyzoMan, Nov 16, 2008.

Thread Status:
Not open for further replies.
  1. WyzoMan

    WyzoMan Registered Member

    Joined:
    Nov 16, 2008
    Posts:
    2
    Hey All,

    My first of many posts [hopefully]!

    As you may have noticed from the title of the thread, I'm wondering how to purposely infect my Virtual Machine with malware.

    This is purely for testing purposes as although I read many reviews etc. on anti-malware apps, but I would love to try and test them out for myself.

    Most of you by now are probably thinking - "Why would anyone want to do that?" or "What, are you MAD?"

    Well quite frankly I must be :rolleyes:

    Anyways, I'm super-cautious with regards to PC security and would just like some advice on how to purposely infest my VM with viruses/spyware so that I can see if the Anti-Malware apps can deal with them etc.

    Google seems to render quite hard to navigate through at this stage as there is no definitive answer.

    So... I revert to the renound WildersSecurity Forum :D

    Thanks in advance :D
     
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    I'm sure quite a few Wilder's members do exactly what you want to do.

    Here I still have Returnil active on the real system even when testing malware within a virtual machine just in case.

    You can even tighten things up more by running malware inside Sandboxie within a vm.

    Also you may find that some malware installers won't run in a virtual environment as they seem to be aware of such and auto end the installation.
     
  3. WyzoMan

    WyzoMan Registered Member

    Joined:
    Nov 16, 2008
    Posts:
    2
    I didn't know that others had similar sorts of interests.

    With regards to my initial post, i was wondering more about how exactly to get the malware on my system.

    How do I use malware samples and such?
     
  4. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Yes but this is a dumb auto-disabling feature. That is far away from sophisticated.

    Honeypots? Why not surfing to some bad websides.:D
     
  5. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    If your wanting to purposely infect your machine and you have to ask how, then perhaps you should do a little reading first. Also, are you willing to accept responsibility for malware running wild on your machine that may be attacking (ddos) and/or infecting other computers? I'm not trying to be smart, I just want you to understand that you are playing with fire and your house is not the only one at risk. Just something to think about ;)

    If your serious about this, the info is out there. You can also submit the files to VirusTotal and Jotti to be scanned by multiple anti-virus/malware vendors. I think you'll find that anti-virus/malware programs can only do so much because they rely on definitions. That is why the members of Wilder's are discussing alternative programs such as HIPS, sandboxes, behavior blockers, VM's, lite virtualization apps, Linux, etc.

    Do a search for member Rmus and his posts. He does an excellent job of explaining some of the current malware and ways of protecting your system from them. Have a good look around at the links in his posts. Oh, and don't forget you need to know how to store the 'nasties' on your machine.
     
  6. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi WyzoMan :) a lot of members here do this sort of thing all the time for knowledge and vocation - as innerpeace has said go and do some more research first - if you did you probably wouldn't need to be asking these questions.
     
  7. Defcon

    Defcon Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    332
    Seems like the place to ask - is there malware which is aware that it's running in a VM and tries to infect the host by exploiting vulnerabilities in either the VM software (I know rootkits can do this) or using attack poins like writeable shares on the host.
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    Meriadoc made an excellent point. You need to do a lot of homework on your own, before asking. Asking may get you partial answers, but not the whole story.

    For example, how do you image your host?

    Pete
     
  9. wilbertnl

    wilbertnl Registered Member

    Joined:
    Dec 29, 2004
    Posts:
    1,850
    Location:
    Tulsa, Oklahoma
    I skip the concerns, I assume that you know what you are doing.
    Since I expect that a link here would be censored, I will PM you a link to a site that specializes in malware samples
     
  10. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    in short, yes!:D Everything that comes into earthly being (no matter if virtual or real) gets a opponent, just Tao.
     
  11. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Has anyone used www.scandoo.com when looking for malware? I've always been curious if their scanning technology is accurate. The sites with the little bugs indicate security threats that may have potential malware. You can also change your security preferences for scandoo and preferences for Google to not filter the search results. Scandoo uses Google as the search engine.
     
Loading...
Thread Status:
Not open for further replies.